Flow-based monitoring for Magic Transit
Network-layer DDoS attacks are on the rise, prompting security teams to rethink their L3 DDoS mitigation strategies to prevent business impact. Magic Transit protects customers’ entire networks from DDoS attacks by placing our network in front of theirs, either always on or on demand. Today, we’re announcing new functionality to improve the experience for on-demand Magic Transit customers: flow-based monitoring. Flow-based monitoring allows us to detect threats and notify customers when they’re under attack so they can activate Magic Transit for protection.
Magic Transit is Cloudflare’s solution to secure and accelerate your network at the IP layer. With Magic Transit, you get DDoS protection, traffic acceleration, and other network functions delivered as a service from every Cloudflare data center. With Cloudflare’s global network (59 Tbps capacity across 200+ cities) and <3sec time to mitigate at the edge, you’re covered from even the largest and most sophisticated attacks without compromising performance. Learn more about Magic Transit here.
Using Magic Transit on demand
With Magic Transit, Cloudflare advertises customers’ IP prefixes to the Internet with BGP in order to attract traffic to our network for DDoS protection. Customers can choose to use Magic Transit always on or on demand. With always Continue reading
Heavy Networking 564: Seven Engineers At The Community Roundtable
Today's Heavy Networking episode is a grab bag of topics delivered in our community roundtable format. Five engineers join Ethan Banks and Greg Ferro to talk about subjects including IPv6, SmartNICs, firewall rule management, becoming a manager, and other topics.
The post Heavy Networking 564: Seven Engineers At The Community Roundtable appeared first on Packet Pushers.
Building Snowflakes On Purpose
We all know that building snowflake networks is bad, right? If it’s not a repeatable process it’s going to end up being a problem down the road. If we can’t refer back to documentation to shows why we did something we’re going to end up causing issues and reducing reliability. But what happens when a snowflake process is required to fix a bigger problem? It’s a fun story that highlights where process can break down sometimes.
Reloaded
I’ve mentioned before that I spent about six months doing telephone tech support for Gateway computers. This was back in 2003 so Windows XP was the hottest operating system out there. The nature of support means that you’re going to be spending more time working on older things. In my case this was Windows 95 and 98. Windows 98 was a pain but it was easy to work on.
One of the most common processes we had for Windows 98 was a system reload. It was the last line of defense to fix massive issues or remove viruses. It was something that was second nature to any of the technicians on the help desk:
- Boot from the Gateway tools CD and use GWSCAN Continue reading
Why Customers Always Escalate To Tech Support
Responding to Eyvonne's piece on escalation
Video: High-Level Technology Guidelines
I concluded the Focus on Business Challenges First presentation (part of Business Aspects of Networking Technologies webinar) with a few technology guidelines starting with:
- Be vendor-agnostic (always look around to see what others are doing);
- Try to understand how the technology you’re evaluating really works (it will help you spot the potential problems before they crash your network);
- Always select what’s best for your business, not for the sales quota of your friendly $vendor account manager.
For more guidelines, watch the video (available with Free ipSpace.net Subscription).
Looking at What’s Driving Edge Computing’s New Security Strategy
As edge computing grows, security teams must address the requirement for visibility and control across the LAN, WAN, and cloud edges.Creating serendipity with Python
We've been experimenting with breaking up employees into random groups (of size 4) and setting up video hangouts between them. We're doing this to replace the serendipitous meetings that sometimes occur around coffee machines, in lunch lines or while waiting for the printer. And also, we just want people to get to know each other.
Which lead to me writing some code. The core of which is divide n elements into groups of at least size g minimizing the size of each group. So, suppose an office has 15 employees in it then it would be divided into three groups of sizes 5, 5, 5; if an office had 16 employees it would be 4, 4, 4, 4; if it had 17 employees it would be 4, 4, 4, 5 and so on.
I initially wrote the following code (in Python):
groups = [g] * (n//g)
for e in range(0, n % g):
groups[e % len(groups)] += 1
The first line creates n//g (// is integer division) entries of size g (for example, if g == 4 and n == 17 then groups == [4, 4, 4, 4]). The for loop deals with the 'left over' parts that Continue reading
The Role of Machine Learning and AIOps in Network Performance Management
Nascent AIOps holds the key to a more automated, streamlined, and optimized approach to IT management that can help quickly and effectively identify and resolve network issues.Response: Firefox 86 Introduces Total Cookie Protection – Mozilla Security Blog
Browsers keep users safe from excessive user tracking
Does Unequal-Cost Multipathing Make Sense?
Every now and then I’m getting questions along the lines “why doesn’t X support unequal-cost multipathing (UCMP)?” for X in [ OSPF, BGP, IS-IS ].
To set the record straight: BGP does support some rudimentary form of unequal-cost multipathing with the DMZ Bandwidth community, but it only works across multiple egress points from a single autonomous system. Follow-up nerd knobs described how to use the same community over EBGP sessions; not sure whether anyone implemented that part (comments welcome).
DeepLearning – Intro Fun
I am enjoying insights into deep learning and computer vision and how machine learning is applied on images. While Deep Learning and Nueral networks are subjects for experts in field, I wanted simply to be an end user to do some experiments on my dog and nothing more. I have to mention that I had internal resources to get training on image augmentation techniques, DLL Nueral network frameworks pretrained to be used readily but am still trying to find some way into what this technology is all about and how to implement in my AWS Deeplens.
https://pytorch.org/assets/deep-learning/Deep-Learning-with-PyTorch.pdf
This is a good book to get introduced into pytorch and deep learning terminology. There is a very interesting examples of doing image manipulation of a horse to zebra, and how you can transfer that learning to anything.
Below is how I used on my Dog and results, I had fun starting this and hope you will have fun too, you dont need any great programming or math to just access some of the Neural networks and do some analysis
Normal Image
I wrote this post to let anyone interested to know that I dint had to write any complicated coding Continue reading
Tech Bytes: Monitoring Remote Access VPN Performance With ThousandEyes (Sponsored)
On today's Tech Bytes podcast, we talk with sponsor ThousandEyes about monitoring remote access VPNs to get a clearer picture of connectivity and performance issues and to speed troubleshooting. Our guest is Alex Cruz Farmer, Principal Product Manager at ThousandEyes.
The post Tech Bytes: Monitoring Remote Access VPN Performance With ThousandEyes (Sponsored) appeared first on Packet Pushers.
The Hedge #72: Lisa Caywood and Marketectures
The open source world is not much different than the commercial world in terms of building marketectures rather than useable software—largely because open source projects still rely on sources of funding and material support to build and maintain a product. Many times, however, the focus on these marketectures get in the way of real work. Join Tom Ammon, Russ White, and Lisa Caywood as we discuss the problem of marketectures and the broader world of open source software.